China takes stock of “Leakgate” hacking spree

Chinese hackers routinely stands accused of breaking into sites around the world. Even technology standouts like Google and RSA Security have suffered breaches. One report said that Chinese hackers had stolen $500 billion worth of information from U.S. companies alone in 2011.

Credit: Kioskiea.net under Creative Commons license

Now the Chinese are being hacked themselves. Caixin Online published a lengthy look at “Leakgate,” a veritable spree of hacks in December where Chinese commercial and government sites had passwords and other user information stolen. A state-run entity, the China National Computer Emergency Response Technical Team, said that 26 databases were hacked, affecting 278 million user names and passwords. Even some Chinese government agencies appeared to have their databases hacked, including one that had foreign travel applications and included names, birth dates, phone numbers and passport numbers.

China’s economic rise means “the value of information contained in website databases is increasing,” Ma Jie, CEO of web security firm Anquanbao.com, told Caixin Online. At the same time, he said, “security and prevention measures have not been strengthened.”

Caixin Online did not speculate on whether the hackers came from inside China. But some of the stolen data seems to be used to perpetrate other crimes in China, including looting the bank account of at least one Chinese millionaire.